Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Product Security Analyst, APAC image - Rise Careers
Job details

Product Security Analyst, APAC - job 1 of 2

HackerOne is the global leader in human-powered security, harnessing the creativity of the world’s largest community of security researchers with cutting-edge AI to protect your digital assets. The HackerOne Platform combines the expertise of our elite community and the most up-to-date vulnerability database to pinpoint critical security flaws across your attack surface. Our integrated solutions, including bug bounty, pentesting, code security audits, spot checks, and AI red teaming, ensure continuous vulnerability discovery and management throughout the software development lifecycle. Trusted by industry leaders such as Coinbase, General Motors, GitHub, Goldman Sachs, Hyatt, PayPal, and the U.S. Department of Defense, HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024.

Based in Pune, India on a hybrid basis

Position Summary

HackerOne is seeking a dynamic individual with a passion for Information Security to join our Technical Services team. As a Security Analyst, you will gain hands-on technical experience and exposure to some of the world’s best hackers while delivering high-impact vulnerabilities to the top bug bounty programs in the industry.  

This role requires excellent communication skills, intellectual curiosity and drive to acquire the technical skills you’ll need to ensure every valid bug report is reproducible and provides value to HackerOne customers. 

What You Will Do

  • Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers

  • Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid

  • Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice

  • Ensure clear and efficient communication between hackers and customers

  • Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success

Minimum Qualifications

  • 3+ years of professional manual web app testing experience

  • Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required)

  • Strong technical knowledge of OWASP top 10

  • Comfortable using security testing tools including Burpsuite 

  • Excellent written and verbal communication skills

  • Experience using frameworks such as CVSS

  • Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm

  • English fluency - both written and verbal

  • Candidates must already based in Pune, India and willing to work hybrid from an office/WeWork

Compensation Bands:
2,520,000 - 2,835,000 INR

#LI-Remote

#LI-MR1

We are a Circle Back Initiative Employer and commit to responding to every applicant.

We're committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR).

Employment at HackerOne is contingent on a background check.

HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws.

This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time.

For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.

HackerOne Values

HackerOne commits to maintaining a strong, inclusive culture built for our employees and our community of hackers. We are driven by our five core values. We recognize that our mission is bigger than us, and therefore act with integrity at all times. As a team, we believe that transparency builds trust so we default to disclosure in our communications. Each individual executes with excellence, creating an environment of greater alignment and greater autonomy. We win as a team and respect all people to empower everyone to learn from each other, innovate, and grow.

HackerOne Glassdoor Company Review
4.5 Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon Glassdoor star icon
HackerOne DE&I Review
3.9 Glassdoor star iconGlassdoor star iconGlassdoor star icon Glassdoor star icon Glassdoor star icon
CEO of HackerOne
HackerOne CEO photo
Marten Mickos
Approve of CEO
by HackerOne on Glassdoor

Average salary estimate

$32210.5 / YEARLY (est.)
min
max
$30373K
$34048K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Product Security Analyst, APAC, HackerOne

HackerOne, the global leader in human-powered security, is on the lookout for a dedicated Product Security Analyst to join our vibrant team in Pune. This is an incredible opportunity for anyone passionate about Information Security who wants to work alongside some of the world’s top hackers. In this dynamic role, you will dive deep into evaluating vulnerability reports submitted by real hackers, determining their validity, risk, and severity for our clients. You'll be responsible for composing detailed summaries of your findings, ensuring that every report clearly outlines the impact and remediation steps. Your excellent communication skills will shine as you collaborate with hackers and clients alike, turning complex security issues into actionable insights. You’ll also proactively identify and address any issues that arise, contributing to a culture of teamwork and shared success. If you're ready to enhance your technical expertise and make a tangible difference in the security landscape for major clients like Coinbase and Goldman Sachs, then this role at HackerOne is right for you. With competitive compensation and a hybrid working model in place, HackerOne not only values technical skills but also a strong commitment to personal growth and development, making it an ideal spot for tech enthusiasts eager to innovate and excel in their careers.

Frequently Asked Questions (FAQs) for Product Security Analyst, APAC Role at HackerOne
What are the main responsibilities of a Product Security Analyst at HackerOne?

As a Product Security Analyst at HackerOne, your key responsibilities include evaluating and validating vulnerability reports submitted by hackers, creating technical summaries detailing the findings, and fostering clear communication between both hackers and our clientele. You'll also need to proactively identify issues to ensure a smooth and efficient workflow within the Technical Services team.

Join Rise to see the full answer
What qualifications are required for the Product Security Analyst position at HackerOne?

To qualify for the Product Security Analyst position at HackerOne, candidates must have at least 3 years of professional manual web application testing experience and a solid understanding of the OWASP top 10 vulnerabilities. Strong written and verbal communication skills, familiarity with security testing tools like Burpsuite, and CVSS frameworks are also essential.

Join Rise to see the full answer
How does HackerOne support the growth of its Product Security Analysts?

HackerOne supports the growth of its Product Security Analysts by providing them hands-on experience and exposure to some of the best hackers in the industry. The company also nurtures a culture that encourages continuous learning, allowing analysts to collaborate across teams and hone their technical skills in a supportive environment.

Join Rise to see the full answer
What can I expect from the work environment as a Product Security Analyst at HackerOne in Pune?

Working as a Product Security Analyst at HackerOne in Pune involves a hybrid work model that combines remote work flexibility with office collaboration. You'll be part of a transparent and inclusive team-driven culture where innovation is encouraged, and every individual's contribution is valued. This environment fosters professional growth and development.

Join Rise to see the full answer
Is experience in managing a bug bounty program necessary for the Product Security Analyst role at HackerOne?

While experience managing a bug bounty program is regarded as a plus, it is not a strict requirement for the Product Security Analyst role at HackerOne. Candidates with a solid background in web application testing and vulnerability disclosure will find themselves well-prepared to thrive in this position.

Join Rise to see the full answer
Common Interview Questions for Product Security Analyst, APAC
What methods do you use to validate vulnerability reports as a Product Security Analyst?

In validating vulnerability reports, I typically cross-reference the reported issues with the OWASP top 10 vulnerabilities, use security testing tools like Burpsuite for actual testing, and collaborate with the reporting hacker to clarify any ambiguities. It's essential to ensure thorough validation for clients.

Join Rise to see the full answer
Can you describe your experience with vulnerability disclosure?

In my previous roles, I have engaged in various aspects of vulnerability disclosure, from assessing the risk of reported issues to communicating findings back to the hackers and clients. My experience has taught me the importance of clarity and accuracy to foster trust in the process.

Join Rise to see the full answer
How do you ensure effective communication between hackers and clients?

I prioritize clear, concise communication by summarizing technical findings in an easily digestible format. Keeping both hackers and clients informed throughout the process is key, and I strive to address questions or concerns promptly to maintain an effective dialogue.

Join Rise to see the full answer
What challenges have you faced in previous roles and how did you overcome them?

Challenges such as misinformation in vulnerability reports have occurred. I overcame these by developing strong relationships with the hacking community, encouraging detailed submissions, and cultivating a transparent communication style, which greatly minimized misunderstandings.

Join Rise to see the full answer
How familiar are you with the OWASP Top 10 vulnerabilities?

I have a comprehensive understanding of the OWASP Top 10 vulnerabilities, which I regularly apply in my work by analyzing reported issues against this widely recognized framework. Staying updated on recent trends and reports in this area is vital to my role as a Product Security Analyst.

Join Rise to see the full answer
What role does teamwork play in the position of a Product Security Analyst?

Teamwork is crucial as collaborating with diverse perspectives enhances the quality of our vulnerability assessments. I believe that sharing knowledge and experiences within the team not only fosters personal growth but also contributes to HackerOne's overall success.

Join Rise to see the full answer
Describe a time when you had to quickly adapt to a new situation in your previous role.

I faced a situation where a new security tool was introduced, requiring rapid adaptation. I took the initiative to familiarize myself with its features and benefits, and then organized a training session for my teammates, ensuring everyone could leverage the new tool effectively.

Join Rise to see the full answer
What do you love most about working in information security?

I love the constantly evolving nature of information security. The thrill of staying ahead of cyber threats and collaborating with brilliant minds in the field keeps me motivated. It's rewarding to know that my work contributes to making the digital world a safer place.

Join Rise to see the full answer
How do you stay updated on the latest security vulnerabilities and trends?

I stay updated through continuous learning by reading industry blogs, following vulnerability databases, participating in forums, and attending conferences. Networking with other professionals and hackers also provides insights into emerging trends and techniques in security.

Join Rise to see the full answer
What do you consider the most important skill for a Product Security Analyst?

I believe the most crucial skill for a Product Security Analyst is the ability to communicate effectively. This entails not only synthesizing complex technical details into understandable terms for various stakeholders but also being approachable and receptive to feedback.

Join Rise to see the full answer
Similar Jobs
Photo of the Rise User
HackerOne Remote No location specified
VIEW
Posted 12 days ago
Photo of the Rise User
HackerOne Remote No location specified
VIEW
Posted 9 days ago
Photo of the Rise User
Merlin Labs Hybrid Boston
VIEW
Posted 8 days ago
Photo of the Rise User
Experian Remote Centro Corporativo El Cafetal, Heredia, Heredia, Costa Rica
VIEW
Posted 12 days ago
Photo of the Rise User
NexThreat Remote Philadelphia, PA
VIEW
Posted 7 days ago
Photo of the Rise User
Booz Allen Hamilton Hybrid Hanscom AFB, MA
VIEW
Posted 7 days ago
Photo of the Rise User
PointClickCare Hybrid Salt Lake City, UT
VIEW
Posted 9 days ago
Photo of the Rise User
PA Consulting Remote 10 Bressenden Place, London, SW1E 5DN, United Kingdom, London, United Kingdom
VIEW
Posted 9 days ago
S
SciTec Hybrid No location specified
VIEW
Posted 7 days ago
Photo of the Rise User
Concurrency Hybrid Greater Milwaukee area
VIEW
Posted 2 days ago
Photo of the Rise User By HackerOne

HackerOne is leading a cybersecurity platform that connects businesses with penetration testers and cybersecurity researchers. HackerOne's customers include The U.S. Department of Defense, Google, GitHub, Microsoft, Nintendo and more.

100 jobs
MATCH
Calculating your matching score...
BADGES
Badge ChangemakerBadge Diversity ChampionBadge Flexible CultureBadge Work&Life Balance
FUNDING
DEPARTMENTS
SENIORITY LEVEL REQUIREMENT
INDUSTRY
TEAM SIZE
LOCATION
EMPLOYMENT TYPE
Full-time, hybrid
DATE POSTED
December 7, 2024

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
Show me relevant jobs ASK RISA ✨
ABOUT RISE
FOR COMPANIES
REMOTE JOBS & MORE
LOOKING FOR A JOB?
FIND A JOB NEAR ME
POPULAR JOBS
Rise logo
Privacy Policy and Terms of Service
© 2021 Work Rise LLC. All rights reserved.
Proudly made in NYC.
CONNECT
Facebook Instagram LinkedIn Tiktok